From patchwork Fri Sep 27 15:47:37 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Dybkowski, AdamX" X-Patchwork-Id: 60034 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 1FA6F1BF25; Fri, 27 Sep 2019 17:49:54 +0200 (CEST) Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) by dpdk.org (Postfix) with ESMTP id A31112C27 for ; Fri, 27 Sep 2019 17:49:47 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga105.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 27 Sep 2019 08:49:47 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,556,1559545200"; d="scan'208";a="273854529" Received: from adamdybx-mobl.ger.corp.intel.com (HELO localhost.localdomain) ([10.104.14.185]) by orsmga001.jf.intel.com with ESMTP; 27 Sep 2019 08:49:45 -0700 From: Adam Dybkowski To: dev@dpdk.org, fiona.trahe@intel.com, arkadiuszx.kusztal@intel.com, akhil.goyal@nxp.com Cc: Adam Dybkowski Date: Fri, 27 Sep 2019 17:47:37 +0200 Message-Id: <20190927154739.26404-2-adamx.dybkowski@intel.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20190927154739.26404-1-adamx.dybkowski@intel.com> References: <20190906144751.3420-1-adamx.dybkowski@intel.com> <20190927154739.26404-1-adamx.dybkowski@intel.com> Subject: [dpdk-dev] [PATCH v2 1/3] test/crypto: add more AES GCM tests for QAT PMD X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds 256-bit AES GCM tests for QAT PMD (which already existed for AESNI and OpenSSL) and also adds a number of negative unit tests for AES GCM for QAT PMD, in order to verify authenticated encryption and decryption with modified data. Signed-off-by: Adam Dybkowski --- app/test/test_cryptodev.c | 253 +++++++++++++++++++++++++++++++++++++- 1 file changed, 248 insertions(+), 5 deletions(-) diff --git a/app/test/test_cryptodev.c b/app/test/test_cryptodev.c index 9a226bd15..a0629c402 100644 --- a/app/test/test_cryptodev.c +++ b/app/test/test_cryptodev.c @@ -6939,7 +6939,8 @@ create_aead_operation(enum rte_crypto_aead_operation op, } static int -test_authenticated_encryption(const struct aead_test_data *tdata) +test_authenticated_encryption_silent(const struct aead_test_data *tdata, + uint8_t silent_mode) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; @@ -7005,6 +7006,12 @@ test_authenticated_encryption(const struct aead_test_data *tdata) debug_hexdump(stdout, "auth tag:", auth_tag, tdata->auth_tag.len); /* Validate obuf */ + if (silent_mode) + return !memcmp(ciphertext, tdata->ciphertext.data, + tdata->ciphertext.len) && + !memcmp(auth_tag, tdata->auth_tag.data, + tdata->auth_tag.len) ? 0 : TEST_FAILED; + TEST_ASSERT_BUFFERS_ARE_EQUAL( ciphertext, tdata->ciphertext.data, @@ -7021,6 +7028,12 @@ test_authenticated_encryption(const struct aead_test_data *tdata) } +static int +test_authenticated_encryption(const struct aead_test_data *tdata) +{ + return test_authenticated_encryption_silent(tdata, 0); +} + static int test_AES_GCM_authenticated_encryption_test_case_1(void) { @@ -7063,6 +7076,12 @@ test_AES_GCM_authenticated_encryption_test_case_7(void) return test_authenticated_encryption(&gcm_test_case_7); } +static int +test_AES_GCM_authenticated_encryption_test_case_8(void) +{ + return test_authenticated_encryption(&gcm_test_case_8); +} + static int test_AES_GCM_auth_encryption_test_case_192_1(void) { @@ -7160,7 +7179,89 @@ test_AES_GCM_auth_encryption_test_case_aad_2(void) } static int -test_authenticated_decryption(const struct aead_test_data *tdata) +test_AES_GCM_auth_encryption_fail_iv_corrupt(void) +{ + struct aead_test_data tdata; + int res; + + memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); + tdata.iv.data[0] += 1; + res = test_authenticated_encryption_silent(&tdata, 1); + TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); + return TEST_SUCCESS; +} + +static int +test_AES_GCM_auth_encryption_fail_in_data_corrupt(void) +{ + struct aead_test_data tdata; + int res; + + memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); + tdata.plaintext.data[0] += 1; + res = test_authenticated_encryption_silent(&tdata, 1); + TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); + return TEST_SUCCESS; +} + +static int +test_AES_GCM_auth_encryption_fail_out_data_corrupt(void) +{ + struct aead_test_data tdata; + int res; + + memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); + tdata.ciphertext.data[0] += 1; + res = test_authenticated_encryption_silent(&tdata, 1); + TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); + return TEST_SUCCESS; +} + +static int +test_AES_GCM_auth_encryption_fail_aad_len_corrupt(void) +{ + struct aead_test_data tdata; + int res; + + memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); + tdata.aad.len += 1; + res = test_authenticated_encryption_silent(&tdata, 1); + TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); + return TEST_SUCCESS; +} + +static int +test_AES_GCM_auth_encryption_fail_aad_corrupt(void) +{ + struct aead_test_data tdata; + uint8_t aad[gcm_test_case_7.aad.len]; + int res; + + memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); + memcpy(aad, gcm_test_case_7.aad.data, gcm_test_case_7.aad.len); + aad[0] += 1; + tdata.aad.data = aad; + res = test_authenticated_encryption_silent(&tdata, 1); + TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); + return TEST_SUCCESS; +} + +static int +test_AES_GCM_auth_encryption_fail_tag_corrupt(void) +{ + struct aead_test_data tdata; + int res; + + memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); + tdata.auth_tag.data[0] += 1; + res = test_authenticated_encryption_silent(&tdata, 1); + TEST_ASSERT_EQUAL(res, TEST_FAILED, "encryption not failed"); + return TEST_SUCCESS; +} + +static int +test_authenticated_decryption_silent(const struct aead_test_data *tdata, + uint8_t silent_mode) { struct crypto_testsuite_params *ts_params = &testsuite_params; struct crypto_unittest_params *ut_params = &unittest_params; @@ -7217,19 +7318,30 @@ test_authenticated_decryption(const struct aead_test_data *tdata) debug_hexdump(stdout, "plaintext:", plaintext, tdata->ciphertext.len); + TEST_ASSERT_EQUAL(ut_params->op->status, + RTE_CRYPTO_OP_STATUS_SUCCESS, + "Authentication failed"); + /* Validate obuf */ + if (silent_mode) + return !memcmp(plaintext, tdata->plaintext.data, + tdata->plaintext.len) ? 0 : TEST_FAILED; + TEST_ASSERT_BUFFERS_ARE_EQUAL( plaintext, tdata->plaintext.data, tdata->plaintext.len, "Plaintext data not as expected"); - TEST_ASSERT_EQUAL(ut_params->op->status, - RTE_CRYPTO_OP_STATUS_SUCCESS, - "Authentication failed"); return 0; } +static int +test_authenticated_decryption(const struct aead_test_data *tdata) +{ + return test_authenticated_decryption_silent(tdata, 0); +} + static int test_AES_GCM_authenticated_decryption_test_case_1(void) { @@ -7272,6 +7384,12 @@ test_AES_GCM_authenticated_decryption_test_case_7(void) return test_authenticated_decryption(&gcm_test_case_7); } +static int +test_AES_GCM_authenticated_decryption_test_case_8(void) +{ + return test_authenticated_decryption(&gcm_test_case_8); +} + static int test_AES_GCM_auth_decryption_test_case_192_1(void) { @@ -7368,6 +7486,87 @@ test_AES_GCM_auth_decryption_test_case_aad_2(void) return test_authenticated_decryption(&gcm_test_case_aad_2); } +static int +test_AES_GCM_auth_decryption_fail_iv_corrupt(void) +{ + struct aead_test_data tdata; + int res; + + memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); + tdata.iv.data[0] += 1; + res = test_authenticated_decryption_silent(&tdata, 1); + TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed"); + return TEST_SUCCESS; +} + +static int +test_AES_GCM_auth_decryption_fail_in_data_corrupt(void) +{ + struct aead_test_data tdata; + int res; + + memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); + tdata.plaintext.data[0] += 1; + res = test_authenticated_decryption_silent(&tdata, 1); + TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed"); + return TEST_SUCCESS; +} + +static int +test_AES_GCM_auth_decryption_fail_out_data_corrupt(void) +{ + struct aead_test_data tdata; + int res; + + memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); + tdata.ciphertext.data[0] += 1; + res = test_authenticated_decryption_silent(&tdata, 1); + TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed"); + return TEST_SUCCESS; +} + +static int +test_AES_GCM_auth_decryption_fail_aad_len_corrupt(void) +{ + struct aead_test_data tdata; + int res; + + memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); + tdata.aad.len += 1; + res = test_authenticated_decryption_silent(&tdata, 1); + TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed"); + return TEST_SUCCESS; +} + +static int +test_AES_GCM_auth_decryption_fail_aad_corrupt(void) +{ + struct aead_test_data tdata; + uint8_t aad[gcm_test_case_7.aad.len]; + int res; + + memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); + memcpy(aad, gcm_test_case_7.aad.data, gcm_test_case_7.aad.len); + aad[0] += 1; + tdata.aad.data = aad; + res = test_authenticated_decryption_silent(&tdata, 1); + TEST_ASSERT_EQUAL(res, TEST_FAILED, "decryption not failed"); + return TEST_SUCCESS; +} + +static int +test_AES_GCM_auth_decryption_fail_tag_corrupt(void) +{ + struct aead_test_data tdata; + int res; + + memcpy(&tdata, &gcm_test_case_7, sizeof(struct aead_test_data)); + tdata.auth_tag.data[0] += 1; + res = test_authenticated_decryption_silent(&tdata, 1); + TEST_ASSERT_EQUAL(res, TEST_FAILED, "authentication not failed"); + return TEST_SUCCESS; +} + static int test_authenticated_encryption_oop(const struct aead_test_data *tdata) { @@ -10315,6 +10514,8 @@ static struct unit_test_suite cryptodev_qat_testsuite = { test_AES_GCM_authenticated_encryption_test_case_6), TEST_CASE_ST(ut_setup, ut_teardown, test_AES_GCM_authenticated_encryption_test_case_7), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_authenticated_encryption_test_case_8), /** AES GCM Authenticated Decryption */ TEST_CASE_ST(ut_setup, ut_teardown, @@ -10331,6 +10532,8 @@ static struct unit_test_suite cryptodev_qat_testsuite = { test_AES_GCM_authenticated_decryption_test_case_6), TEST_CASE_ST(ut_setup, ut_teardown, test_AES_GCM_authenticated_decryption_test_case_7), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_authenticated_decryption_test_case_8), /** AES GCM Authenticated Encryption 192 bits key */ TEST_CASE_ST(ut_setup, ut_teardown, @@ -10380,6 +10583,22 @@ static struct unit_test_suite cryptodev_qat_testsuite = { TEST_CASE_ST(ut_setup, ut_teardown, test_AES_GCM_auth_encryption_test_case_256_7), + /** AES GCM Authenticated Decryption 256 bits key */ + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_test_case_256_1), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_test_case_256_2), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_test_case_256_3), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_test_case_256_4), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_test_case_256_5), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_test_case_256_6), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_test_case_256_7), + /** AES GMAC Authentication */ TEST_CASE_ST(ut_setup, ut_teardown, test_AES_GMAC_authentication_test_case_1), @@ -10602,6 +10821,30 @@ static struct unit_test_suite cryptodev_qat_testsuite = { authentication_verify_HMAC_SHA1_fail_data_corrupt), TEST_CASE_ST(ut_setup, ut_teardown, authentication_verify_HMAC_SHA1_fail_tag_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_encryption_fail_iv_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_encryption_fail_in_data_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_encryption_fail_out_data_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_encryption_fail_aad_len_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_encryption_fail_aad_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_encryption_fail_tag_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_fail_iv_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_fail_in_data_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_fail_out_data_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_fail_aad_len_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_fail_aad_corrupt), + TEST_CASE_ST(ut_setup, ut_teardown, + test_AES_GCM_auth_decryption_fail_tag_corrupt), TEST_CASE_ST(ut_setup, ut_teardown, authentication_verify_AES128_GMAC_fail_data_corrupt), TEST_CASE_ST(ut_setup, ut_teardown,